Everybody makes New Year’s resolutions, but how many people actually stick with them? We can’t help you lose weight, but we can provide you with some insight that will better protect your website against the perils of cyber attacks. We’re challenging you to make 2015 the year where you make your website secure, via SSL.
What is SSL
SSL stands for Secure Socket Layer and is tech speak for establishing a "secure connection" for an encrypted link, typically between a web server and a browser. A site with "HTTPS" is an HTTP site with a SSL certificate.
The SSL layer has two main purposes.
- To verify that the server you are communicating with, is in fact that server.
- Ensure that ONLY the server can read what you send it and vice-versa.
To create a SSL connection, you'll first need to acquire a SSL Certificate. There are a few ways to go about this, but the easiest way is to check with your domain hosting company.
How SSL Works
In a very condensed and general sense, a SSL connection makes it difficult for anyone to intercept any of the data that you're transmitting to the server via informational exchanges at points along the way. There are three main phases that all play key roles in data transmission.
1) Introductory Phase: The browser sends a "Hello" message to which the server replies back with, "Hello."
2) Certificate Exchange: Once a connection is established, the burden of proof is on the server. In this step, the server provides a SSL certificate with information such as, the certificate’s public key and validity dates.
3) Key Exchange: This step is where the actual data transmission takes place. At this point, the message becomes encrypted via a symmetric key that is generated by the browser. The message is sent the server upon where it is decrypted by the server's private key. At this juncture, the main processes to send/receive have taken place.
eCommerce
Typically, most people understand that they shouldn't buy products from websites that aren't HTTPS secure. Or more than likely, they'll recognize not to purchase items from sites without the lock graphic in the top left corner of the address bar. In addition to the security benefits of buying from a secure site, Google now recognizes HTTPS as a best practice and is currently using it as a minor factor that influences search engine ranking.
SEO and SERPs
Over the past few months, Google has implemented a ranking signal that gives encrypted connections a slight boost in the rankings. Still in its infancy, it affects fewer than 1% (opens in new window) of the global queries right now. However, signs are pointing to Google expanding, not reducing it's reliance on this signal. So in addition to increasing your website's security, you can boost it's rankings in the SERPs. For Google, taking measures toward ensuring security and privacy are more ways for the search leviathan to continue it's reign atop the throne.
Site Migration
If you'd like to migrate your current HTTP site to a secure, HTTPS site, contact us. We'll do all the heavy lifting and you can reap the benefits! Make 2015 the year where you give your website an extra layer of security and a visible mark of legitimacy.